@jmelosegui Sorry that it took a little while to take a look at this one, were you able to get it resolved? If not, can you show me the commands that you used to allow the CreateBranch permissions? (And the command used to get the report above) (You can replace the parts of your URLs with * that show your account names)

There is more information on how these permissions interact here: https://docs.microsoft.com/en-us/vsts/organizations/security/about-permissions?view=vsts#permission-settings

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

reassign @DmitriyKirakosyan

@jmelosegui I've tested this case and it worked as expected for me.
Steps:

1. Created a private repo
2. Setup branch permissions as it is described in the doc
3. Added a user to Contributors group
4. Logged in with the added user and tried to create some branches.

Result: As expected, I could only create branches started with features/ and users/. Same result when using the git CLI.

Regarding your output, I believe that it shows the __inherited__ __allow__ and __deny__ permissions, which is set in its parent, and its own permissions, which override the __inherited__ ones. This means adding a permission, eg /allow:CreateBranch won't remove its inherited permissions but will override it. So it's just the way it works and displayed.

Please let me know it works for you.
In case you're still having troubles setting up the permissions, please provide more details and steps to reproduce the issue.

@steved0x can we closed this? Because issue was created 2 years ago, now @jmelosegui didn't responed and everything work as expected

@msebolt could you please see my last comment, can we close this?